{% text "preview_text" label="Preview Text This will be used as the preview text that displays in some email clients", value="", no_wrapper=True %}


READ IN BROWSER

07/20/2021
linkedin facebook twitter instagram
WorkScoop
TSA is demanding more from critical pipeline companies. CISA and the FBI point to China over older pipeline hacks. And Apple might have an NSO Group problem. This is CyberScoop for July 20, 2021.

TSA expands security requirements for key pipeline owners

TSA issued a second cybersecurity directive on Tuesday for critical pipeline owners. It follows a directive in May after the Colonial Pipeline ransomware attack, that one focused on mandatory reporting of cybersecurity incidents. While DHS didn't publicly release the directive itself, the department said it would require certain owners "to implement specific mitigation measures to protect against ransomware attacks and other known threats to information technology and operational technology systems, develop and implement a cybersecurity contingency and recovery plan, and conduct a cybersecurity architecture design review." Tim Starks reports on the announcement.


A Message From AWS Educate

With over 1,500 institutions and hundreds of thousands of students who use AWS Educate, we wanted to take you on a trip around the world and highlight how students are learning and innovating with the cloud. Learn more.


US slams Chinese hackers again, pipeline edition

State-sponsored Chinese cybercriminals successfully hacked into the control systems of several U.S. oil and natural gas pipelines between December 2011 to 2013, a Wednesday alert from CISA and the FBI reveals. The hackers obtained information that would have allowed them to remotely perform unauthorized operations that could have done serious physical damage. The campaign compromised at least 13 companies. U.S. officials are warning the industry to be on guard for a number of potential threats. Tonya Riley has more.


Spotlight is back on NSO Group

NSO Group’s Pegasus spyware may be actively exploiting the most recent software in the iPhone 12 to monitor victims through the world, according to a sweeping new report from Amnesty International. Apple is investigating the matter. The revelation comes as part of a broader investigation into the use of the notorious spyware. Between July 2014 and July 2021, the NSO Group’s Pegasus software was used to target more than three dozen smartphones belonging to journalists, human rights activists and business executives, according to a joint investigation between Amnesty and several media organizations. Tonya recaps.


Court, at Microsoft's behest, cracks down on homoglyphs

Microsoft has obtained a court order requiring domain registrars to shut down service on fraudulent domains cybercriminals have used to impersonate the company for illicit profit. It's focused on "homoglyphs," where criminals use slight changes with similar-looking characters in the company's URL, like changing the "O" in Microsoft to a zero. Microsoft said the order originated from a business email compromise attack, in which a criminal group that looks like it's bassed out of West Africa created 17 malicious homoglyph domains. Read how and why the company did it.


Tweet Of The Day

Image

Listen, even cyberwar has to take a break from the grind every now and then.


Want more? Catch our events for all things workforce!
{% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} Copyright (c) 2019 WorkScoop, All rights reserved.

{{ site_settings.company_name }}
{{ site_settings.company_street_address_1 }}
{{ site_settings.company_city }} {{ site_settings.company_state }} 20036

Update your email preferences
Unsubscribe {% end_widget_attribute %} {% end_widget_block %} {# {% widget_block rich_text 'unsubscribe' label='Unsubscribe' overridable=true no_wrapper=true %} {% widget_attribute 'html' %} You received this email because you are subscribed to {{ subscription_name }} from {{site_settings.company_name}}. If you prefer not to receive emails from {{site_settings.company_name}} you may unsubscribe or set your email preferences. {% end_widget_attribute %} {% end_widget_block %} #}